ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Symantec Identity Manager / Suite - CVE-2022-22965 (Spring Framework Vulnerability)

book

Article ID: 238654

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

There was a recent vulnerability notification regarding CVE-2022-22965 (Spring Framework Vulnerability) which revolves around Java 9.x. Are any of the Identity Suite components vulnerable? 

Environment

Release : 14.X

Component : IdentityMinder(Identity Manager)

Component : IdentityPortal(Identity Portal)

Component : IdentityGovernance(Identity Governance)

Component : IdentitySuite(Identity Suite)

Resolution

All Identity Suite components have been reviewed by engineering and development and it has been determined that all components are not vulnerable. This includes the standalone and VAPP versions.

Please reference the below advisory board for all Symantec security products.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/20427